Sensor overload? How the Internet of Things will increase security risks

By Frank Konkel

Sep 13, 2013

A digital picture frame connected to the Internet could provide family photos, images of faraway lands ... and a point of entry for hackers trying to take over a home network in the near-future Internet of Things. (Stock image)

Look down at your iPhone, Android or tablet – it's filled with five to 10 data-producing sensors.

Modern kitchen appliances, smart vehicles, smart homes, and other objects that once had no relation to the Internet now contain dozens of sensors for all kinds of things – they read temperatures, they monitor your heart rate and perform countless other functions, all of them generating data.

More sensors means more Internet-connected devices, which translates to increased cybersecurity risk profiles for every human, machine and organization that makes use of them, and the world is about to become even more saturated with sensors, according to Robin Gilthorpe, chief executive officer of Terracotta Inc.

Speaking at a Sept. 12 FCW executive briefing on cybersecurity, Gilthorpe outlined the challenges inherent in a world fast approaching one trillion sensors.

"The world is changing from an Internet of ideas to an Internet of things," Gilthorpe said, noting that some smart phones now come equipped with 10 to 15 sensors.

In October, Stanford University will host the first-ever Trillion Sensors Summit, inviting visionaries and industry experts to sound off on the issue. Industry predictions hold that the world will have more than a trillion sensors operating by 2023.

What the rapid growth in sensor technology and abundance means for the world is not yet clear. What is clear is that there will be exponentially more data available.

Cisco predicts there will be 25 billion devices connected to the Internet by 2015, and 50 billion by 2020, producing an interconnectedness of systems, software and a deluge of data almost unfathomably large.

But with the exponential growth in connections between data sets and systems comes increased - vulnerabilities.

Smart cars have been proven hackable through a variety of means, including malware introduced through an MP3 player. If the prospect of a remote attacker gaining access to your moving vehicle doesn't scare you, Gilthorpe said smart homes will be just as vulnerable. Something as simple as a poorly secured WiFi-connected digital picture frame could be enough to give future intruders an "in" to a home network of computers and private information.

The potential for damage is at once staggering and mysterious, especially for the government, which will certainly have decisions to make regarding what kinds of devices – and even appliances in office kitchens – to allow within federal facilities.

The Internet of Things won't just make more data, Gilthorpe said, it will drastically increase the amount of metadata – data about data – traveling at the speed of light between disparate systems. There may be significant opportunities for intelligence collection lurking within.

At a previous speaking engagement, Randy Garrett, a program manager for the Information Innovation Office at the Defense Advanced Research Projects Agency said the Internet of Things "makes you wonder what kind of world we'll have."

OPM is partnering with CSID to try to manage the fallout from a massive breach of some 4 million federal personnel records.

Reader comments

Mon, Sep 16, 2013

The article avoids thinking of one way to prevent the issue------do not activate or hook up the internet feature. But then that is counter intuitive to many people since you have to have the latest and greatest buzz word that "helps" make it so that you do not have to think.

My TV has internet, a feature I do not need but had to pay for because it is "needed" (even though that port is not connected). Several months ago we looked at several refrigerators and rejected them since they had an extra cost – internet sensors.

Unfortunately, as another article pointed out on 'smart' phones, sometimes you disable the features but the firmware stealth activates them and sends out the information you do not want to send.

Please post your comments here. Comments are moderated, so they may not appear immediately
after submitting. We will not post comments that we consider abusive or off-topic.